CVE-2022-32756

CWE-2093 documents3 sources

Severity

2.7LOW

EPSS

0.0%

top 88.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Verify Directory

Timeline

PublishedMar 22

Description

IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 228507.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:NExploitability: 1.2 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5ibm/security_verify_directory10.0.0

▶NVDibm/security_verify_directory10.0.0

🔴Vulnerability Details

CVEList

IBM Security Verify Directory information disclosure↗2024-03-22

▶

GHSA

GHSA-rj3p-p9rq-vvc3: IBM Security Verify Directory 10↗2024-03-22

▶